pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/bind911 net/bind911: update to 9.11.5
details: https://anonhg.NetBSD.org/pkgsrc/rev/c29ae5fa9fc0
branches: trunk
changeset: 386494:c29ae5fa9fc0
user: taca <taca%pkgsrc.org@localhost>
date: Sun Oct 21 15:51:14 2018 +0000
description:
net/bind911: update to 9.11.5
--- 9.11.5 released ---
--- 9.11.5rc1 released ---
5038. [bug] Chaosnet addresses were compared incorrectly.
[GL #562]
5034. [bug] A race between threads could prevent zone maintenance
scheduled immediately after zone load from being
performed. [GL #542]
5033. [bug] When adding NTAs to multiple views using "rndc nta",
the text returned via rndc was incorrectly terminated
after the first line, making it look as if only one
NTA had been added. Also, it was not possible to
differentiate between views with the same name but
different classes; this has been corrected with the
addition of a "-class" option. [GL #105]
5032. [func] Add krb5-selfsub and ms-selfsub update policy rules.
[GL #511]
5030. [bug] Align CMSG buffers to a 64-bit boundary, fixes crash
on architectures with strict alignment. [GL #521]
5028. [bug] Spread the initial RRSIG expiration times over the
entire working sig-validity-interval when signing a
zone in named to even out re-signing and transfer
loads. [GL #418]
5026. [bug] rndc reconfig should not touch already loaded zones.
[GL #276]
5022. [doc] Update ms-self, ms-subdomain, krb5-self, and
krb5-subdomain documentation. [GL !708]
5021. [bug] dig returned a non-zero exit code when it received a
reply over TCP after a retry. [GL #487]
5019. [cleanup] A message is now logged when ixfr-from-differences is
set at zone level for an inline-signed zone. [GL #470]
5018. [bug] Fix incorrect sizeof arguments in lib/isc/pk11.c.
[GL !588]
5017. [bug] lib/isc/pk11.c failed to unlink the session before
releasing the lock which is unsafe. [GL !589]
5016. [bug] Named could assert with overlapping filter-aaaa and
dns64 acls. [GL #445]
5015. [bug] Reloading all zones caused zone maintenance to cease
for inline-signed zones. [GL #435]
5014. [bug] Signatures loaded from the journal for the signed
version of an inline-signed zone were not scheduled for
refresh. [GL #482]
5012. [bug] Fix lock order reversal in pk11_initialize. [GL !590]
5009. [bug] Upon an OpenSSL failure, the first error in the OpenSSL
error queue was not logged. [GL #476]
5008. [bug] "rndc signing -nsec3param ..." requests were silently
ignored for zones which were not yet loaded or
transferred. [GL #468]
5007. [cleanup] Replace custom ISC boolean and integer data types
with C99 stdint.h and stdbool.h types. [GL #9]
5005. [bug] dnssec-verify, and dnssec-signzone at the verification
step, failed on some validly signed zones. [GL #442]
5004. [bug] 'rndc reconfig' could cause inline zones to stop
re-signing. [GL #439]
5003. [bug] dns_acl_isinsecure did not handle geoip elements.
[GL #406]
5002. [bug] mdig: Handle malformed +ednsopt option, support 100
+ednsopt options per query rather than 100 total and
address memory leaks if +ednsopt was specified.
[GL #410]
5001. [bug] Fix refcount errors on error paths. [GL !563]
4996. [bug] dig: Handle malformed +ednsopt option. [GL #403]
4995. [test] Add tests for "tcp-self" update policy. [GL !282]
4994. [bug] Trust anchor telemetry queries were not being sent
upstream for locally served zones. [GL #392]
4992. [bug] The wrong address was being logged for trust anchor
telemetry queries. [GL #379]
4990. [bug] Prevent a possible NULL reference in pkcs11-keygen.
[GL #401]
diffstat:
net/bind911/Makefile | 4 +-
net/bind911/distinfo | 15 +-
net/bind911/patches/patch-bin_dig_dighost.c | 128 ----------------------
net/bind911/patches/patch-lib_isc_unix_socket.c | 39 ++----
net/bind911/patches/patch-lib_lwres_getaddrinfo.c | 30 +----
5 files changed, 27 insertions(+), 189 deletions(-)
diffs (273 lines):
diff -r 85117f49c04b -r c29ae5fa9fc0 net/bind911/Makefile
--- a/net/bind911/Makefile Sun Oct 21 05:48:56 2018 +0000
+++ b/net/bind911/Makefile Sun Oct 21 15:51:14 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.4 2018/09/27 04:24:18 wiz Exp $
+# $NetBSD: Makefile,v 1.5 2018/10/21 15:51:14 taca Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-P/pl/}
@@ -14,7 +14,7 @@
MAKE_JOBS_SAFE= no
-BIND_VERSION= 9.11.4-P2
+BIND_VERSION= 9.11.5
.include "../../mk/bsd.prefs.mk"
diff -r 85117f49c04b -r c29ae5fa9fc0 net/bind911/distinfo
--- a/net/bind911/distinfo Sun Oct 21 05:48:56 2018 +0000
+++ b/net/bind911/distinfo Sun Oct 21 15:51:14 2018 +0000
@@ -1,15 +1,14 @@
-$NetBSD: distinfo,v 1.2 2018/09/20 10:01:36 taca Exp $
+$NetBSD: distinfo,v 1.3 2018/10/21 15:51:14 taca Exp $
-SHA1 (bind-9.11.4-P2.tar.gz) = f01eada382fb2bd4d1fcab3f6f83bd3ebc35a9ab
-RMD160 (bind-9.11.4-P2.tar.gz) = 152448ebda7d9824f6035a35466ee29ed0391ab3
-SHA512 (bind-9.11.4-P2.tar.gz) = 6c01810526fc40485a6c0403d1ddc3b76d2e59b3426b5789436bd671f158d2fa0ea7c0aef2de81998ec715dabd06683fed7b17224d5c794c61e7100a69d4cb60
-Size (bind-9.11.4-P2.tar.gz) = 9617963 bytes
-SHA1 (patch-bin_dig_dighost.c) = c87f145a0e78df5d1b834bfec90ab3b4523ee915
+SHA1 (bind-9.11.5.tar.gz) = a87a1d6a94be03110ea4776001a75d29a3634cbc
+RMD160 (bind-9.11.5.tar.gz) = 7ac8f391f875d2eba07a1a31495ba1e1209a118a
+SHA512 (bind-9.11.5.tar.gz) = 7e34c8033dabaed232479b1dc2849d1247c0137bcb2b63f08f8f72ff2cca0f73e0f05d0b9b8959f8c4db8ee36a700af30fe869be186c7bab7c81a25843384b8d
+Size (bind-9.11.5.tar.gz) = 8810710 bytes
SHA1 (patch-bin_tests_system_metadata_tests.sh) = d01a492d0b7738760bdbff714248e279a78fef28
SHA1 (patch-config.threads.in) = 8341bdb11888d3efdde5f115de91b1f46aa40bd0
SHA1 (patch-configure) = 9e488b315253dd9cf84e6658468e26399798b0e6
SHA1 (patch-contrib_dlz_config.dlz.in) = 6c53d61aaaf1a952a867e4c4da0194db94f511d7
SHA1 (patch-lib_dns_rbt.c) = 8af91b6d40b591d28d15f7f98c9b7a82df234381
-SHA1 (patch-lib_isc_unix_socket.c) = 73cbf20f8a1e4714450d291332ee928b1eb2898a
-SHA1 (patch-lib_lwres_getaddrinfo.c) = 656109a2c1583b38ed8a8e0cda6a95f71e4771a0
+SHA1 (patch-lib_isc_unix_socket.c) = dff0163246985d0750b2c99ce7673b257df3e5bf
+SHA1 (patch-lib_lwres_getaddrinfo.c) = 1956a857c1b158dbe95c46d90ab406e0030e321e
SHA1 (patch-lib_lwres_getnameinfo.c) = 366100a25064f43bd938e9acf31188c917b45cbe
diff -r 85117f49c04b -r c29ae5fa9fc0 net/bind911/patches/patch-bin_dig_dighost.c
--- a/net/bind911/patches/patch-bin_dig_dighost.c Sun Oct 21 05:48:56 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,128 +0,0 @@
-$NetBSD: patch-bin_dig_dighost.c,v 1.1 2018/09/09 13:11:38 taca Exp $
-
-* Avoid to use true as variable name.
-
---- bin/dig/dighost.c.orig 2018-07-03 06:56:55.000000000 +0000
-+++ bin/dig/dighost.c
-@@ -5215,7 +5215,7 @@ prepare_lookup(dns_name_t *name)
- isc_buffer_t *b = NULL;
- isc_region_t r;
- dns_rdataset_t *rdataset = NULL;
-- isc_boolean_t true = ISC_TRUE;
-+ isc_boolean_t isc_true = ISC_TRUE;
- #endif
-
- memset(namestr, 0, DNS_NAME_FORMATSIZE);
-@@ -5229,7 +5229,7 @@ prepare_lookup(dns_name_t *name)
-
- result = advanced_rrsearch(&rdataset, &ns.name,
- dns_rdatatype_aaaa,
-- dns_rdatatype_any, &true);
-+ dns_rdatatype_any, &isc_true);
- if (result == ISC_R_SUCCESS) {
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
-@@ -5258,7 +5258,7 @@ prepare_lookup(dns_name_t *name)
-
- rdataset = NULL;
- result = advanced_rrsearch(&rdataset, &ns.name, dns_rdatatype_a,
-- dns_rdatatype_any, &true);
-+ dns_rdatatype_any, &isc_true);
- if (result == ISC_R_SUCCESS) {
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
-@@ -5377,11 +5377,11 @@ isc_result_t
- initialization(dns_name_t *name)
- {
- isc_result_t result;
-- isc_boolean_t true = ISC_TRUE;
-+ isc_boolean_t isc_true = ISC_TRUE;
-
- chase_nsrdataset = NULL;
- result = advanced_rrsearch(&chase_nsrdataset, name, dns_rdatatype_ns,
-- dns_rdatatype_any, &true);
-+ dns_rdatatype_any, &isc_true);
- if (result != ISC_R_SUCCESS) {
- printf("\n;; NS RRset is missing to continue validation:"
- " FAILED\n\n");
-@@ -5736,7 +5736,7 @@ sigchase_td(dns_message_t *msg)
- isc_result_t result;
- dns_name_t *name = NULL;
- isc_boolean_t have_answer = ISC_FALSE;
-- isc_boolean_t true = ISC_TRUE;
-+ isc_boolean_t isc_true = ISC_TRUE;
-
- if (msg->rcode != dns_rcode_noerror &&
- msg->rcode != dns_rcode_nxdomain) {
-@@ -5759,7 +5759,7 @@ sigchase_td(dns_message_t *msg)
- initialization(name);
- return;
- }
-- have_answer = true;
-+ have_answer = isc_true;
- } else {
- if (!current_lookup->trace_root_sigchase) {
- result = dns_message_firstname(msg,
-@@ -5878,7 +5878,7 @@ sigchase_td(dns_message_t *msg)
- dns_rdatatype_rrsig,
- current_lookup
- ->rdtype_sigchase,
-- &true);
-+ &isc_true);
- if (result == ISC_R_FAILURE) {
- printf("\n;; RRset is missing to continue"
- " validation SHOULD NOT APPEND:"
-@@ -5891,7 +5891,7 @@ sigchase_td(dns_message_t *msg)
- &chase_authority_name,
- dns_rdatatype_rrsig,
- dns_rdatatype_any,
-- &true);
-+ &isc_true);
- if (result == ISC_R_FAILURE) {
- printf("\n;; RRSIG is missing to continue"
- " validation SHOULD NOT APPEND:"
-@@ -5967,7 +5967,7 @@ sigchase_td(dns_message_t *msg)
- &chase_authority_name,
- dns_rdatatype_rrsig,
- dns_rdatatype_ds,
-- &true);
-+ &isc_true);
- if (result != ISC_R_SUCCESS) {
- printf("\n;; DSset is missing to continue validation:"
- " FAILED\n\n");
-@@ -6054,7 +6054,7 @@ sigchase_td(dns_message_t *msg)
- result = advanced_rrsearch(&chase_rdataset, &chase_name,
- current_lookup->rdtype_sigchase,
- dns_rdatatype_any ,
-- &true);
-+ &isc_true);
- if (result == ISC_R_FAILURE) {
- printf("\n;; RRsig of RRset is missing to continue validation"
- " SHOULD NOT APPEND: FAILED\n\n");
-@@ -6097,7 +6097,7 @@ getneededrr(dns_message_t *msg)
- dns_name_t *name = NULL;
- dns_rdata_t sigrdata = DNS_RDATA_INIT;
- dns_rdata_sig_t siginfo;
-- isc_boolean_t true = ISC_TRUE;
-+ isc_boolean_t isc_true = ISC_TRUE;
-
- if ((result = dns_message_firstname(msg, DNS_SECTION_ANSWER))
- != ISC_R_SUCCESS) {
-@@ -6113,7 +6113,7 @@ getneededrr(dns_message_t *msg)
- if (chase_rdataset == NULL) {
- result = advanced_rrsearch(&chase_rdataset, name,
- dns_rdatatype_any,
-- dns_rdatatype_any, &true);
-+ dns_rdatatype_any, &isc_true);
- if (result != ISC_R_SUCCESS) {
- printf("\n;; No Answers: Validation FAILED\n\n");
- return (ISC_R_NOTFOUND);
-@@ -6232,7 +6232,7 @@ getneededrr(dns_message_t *msg)
- result = advanced_rrsearch(&chase_sigdsrdataset,
- &chase_signame,
- dns_rdatatype_rrsig,
-- dns_rdatatype_ds, &true);
-+ dns_rdatatype_ds, &isc_true);
- if (result == ISC_R_FAILURE) {
- printf(";; WARNING : NO RRSIG DS : RRSIG DS"
- " should come with DS\n");
diff -r 85117f49c04b -r c29ae5fa9fc0 net/bind911/patches/patch-lib_isc_unix_socket.c
--- a/net/bind911/patches/patch-lib_isc_unix_socket.c Sun Oct 21 05:48:56 2018 +0000
+++ b/net/bind911/patches/patch-lib_isc_unix_socket.c Sun Oct 21 15:51:14 2018 +0000
@@ -1,33 +1,24 @@
-$NetBSD: patch-lib_isc_unix_socket.c,v 1.1 2018/09/09 13:11:38 taca Exp $
+$NetBSD: patch-lib_isc_unix_socket.c,v 1.2 2018/10/21 15:51:14 taca Exp $
-Make ENOBUFS a soft error
-https://gitlab.isc.org/isc-projects/bind9/issues/462
+Apply fix from NetBSD revision 1.24.
---- lib/isc/unix/socket.c.orig 2018-07-24 17:24:11.000000000 +0000
+--- lib/isc/unix/socket.c.orig 2018-10-06 01:36:17.000000000 +0000
+++ lib/isc/unix/socket.c
-@@ -257,6 +257,7 @@ typedef enum { poll_idle, poll_active, p
- #define SOFT_ERROR(e) ((e) == EAGAIN || \
+@@ -258,6 +258,7 @@ typedef enum { poll_idle, poll_active, p
(e) == EWOULDBLOCK || \
+ (e) == ENOBUFS || \
(e) == EINTR || \
+ (e) == ENOBUFS || \
(e) == 0)
#define DLVL(x) ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_SOCKET, ISC_LOG_DEBUG(x)
-@@ -1952,7 +1953,7 @@ doio_recv(isc__socket_t *sock, isc_socke
- SOFT_OR_HARD(EHOSTDOWN, ISC_R_HOSTDOWN);
- /* HPUX 11.11 can return EADDRNOTAVAIL. */
- SOFT_OR_HARD(EADDRNOTAVAIL, ISC_R_ADDRNOTAVAIL);
-- ALWAYS_HARD(ENOBUFS, ISC_R_NORESOURCES);
-+ SOFT_OR_HARD(ENOBUFS, ISC_R_NORESOURCES);
- /* Should never get this one but it was seen. */
- #ifdef ENOPROTOOPT
- SOFT_OR_HARD(ENOPROTOOPT, ISC_R_HOSTUNREACH);
-@@ -2149,7 +2150,7 @@ doio_send(isc__socket_t *sock, isc_socke
- ALWAYS_HARD(EHOSTDOWN, ISC_R_HOSTUNREACH);
- #endif
- ALWAYS_HARD(ENETUNREACH, ISC_R_NETUNREACH);
-- ALWAYS_HARD(ENOBUFS, ISC_R_NORESOURCES);
-+ SOFT_OR_HARD(ENOBUFS, ISC_R_NORESOURCES);
- ALWAYS_HARD(EPERM, ISC_R_HOSTUNREACH);
- ALWAYS_HARD(EPIPE, ISC_R_NOTCONNECTED);
- ALWAYS_HARD(ECONNRESET, ISC_R_CONNECTIONRESET);
+@@ -1575,7 +1576,8 @@ build_msghdr_send(isc__socket_t *sock, c
+
+ #if defined(IPV6_USE_MIN_MTU)
+ if ((sock->type == isc_sockettype_udp) &&
+- ((dev->attributes & ISC_SOCKEVENTATTR_USEMINMTU) != 0))
++ ((dev->attributes & ISC_SOCKEVENTATTR_USEMINMTU) != 0) &&
++ (sock->pf == AF_INET6))
+ {
+ int use_min_mtu = 1; /* -1, 0, 1 */
+
diff -r 85117f49c04b -r c29ae5fa9fc0 net/bind911/patches/patch-lib_lwres_getaddrinfo.c
--- a/net/bind911/patches/patch-lib_lwres_getaddrinfo.c Sun Oct 21 05:48:56 2018 +0000
+++ b/net/bind911/patches/patch-lib_lwres_getaddrinfo.c Sun Oct 21 15:51:14 2018 +0000
@@ -1,10 +1,10 @@
-$NetBSD: patch-lib_lwres_getaddrinfo.c,v 1.1 2018/09/09 13:11:38 taca Exp $
+$NetBSD: patch-lib_lwres_getaddrinfo.c,v 1.2 2018/10/21 15:51:14 taca Exp $
* Add fix for KAME based implementation.
---- lib/lwres/getaddrinfo.c.orig 2018-07-03 06:56:55.000000000 +0000
+--- lib/lwres/getaddrinfo.c.orig 2018-10-06 01:36:17.000000000 +0000
+++ lib/lwres/getaddrinfo.c
-@@ -148,6 +148,10 @@
+@@ -149,6 +149,10 @@
#include <lwres/stdlib.h>
#include <lwres/string.h>
@@ -15,27 +15,3 @@
#define SA(addr) ((struct sockaddr *)(addr))
#define SIN(addr) ((struct sockaddr_in *)(addr))
#define SIN6(addr) ((struct sockaddr_in6 *)(addr))
-@@ -372,14 +376,22 @@ lwres_getaddrinfo(const char *hostname,
- p = strchr(ntmp, '%');
- ep = NULL;
-
-+#ifdef __KAME__
-+ if (p != NULL) {
-+ scopeid = if_nametoindex(p + 1);
-+ if (scopeid)
-+ p = NULL;
-+ }
-+#endif
- /*
- * Vendors may want to support non-numeric
- * scopeid around here.
- */
-
-- if (p != NULL)
-+ if (p != NULL) {
- scopeid = (lwres_uint32_t)strtoul(p + 1,
- &ep, 10);
-+ }
- if (p != NULL && ep != NULL && ep[0] == '\0')
- *p = '\0';
- else {
Home |
Main Index |
Thread Index |
Old Index